Tests start failing with unordered-containers 0.2.16.0 #753
Description
- This is a bug report
- This is a feature request
- I searched existing issues before opening this one
Expected behavior
Test suite passes and does not depend on non-stable ordering offered by unordered-containers.
Actual behavior
Running 1 test suites...
Test suite hadolint-unit-tests: RUNNING...
Hadolint.Config.Commandline
Config from Commandline
parse with no arguments given [✔]
parse version flag
parse -v [✔]
parse --version [✔]
parse config file option
parse -c hadolint.yaml [✔]
parse --config hadolint.yaml [✔]
parse file arguments
parse `Dockerfile` [✔]
parse `Dockerfile1 Dockerfile2` [✔]
parse --file-path-in-report foobar/Dockerfile [✔]
parse general configuration
parse --no-fail [✔]
parse --no-color [✔]
parse -V [✔]
parse --verbose [✔]
parse -f json [✔]
parse --format [✔]
parse severity overrides
parse --error=DL3010 [✔]
parse --error=DL3010 --error=DL3020 [✔]
parse --warning=DL3010 [✔]
parse --warning=DL3010 --warning=DL3020 [✔]
parse --info=DL3010 [✔]
parse --info=DL3010 --info=DL3020 [✔]
parse --style=DL3010 [✔]
parse --style=DL3010 --style=DL3020 [✔]
parse --ignore=DL3010 [✔]
parse --ignore=DL3010 --ignore=DL3020 [✔]
parse trusted registries
parse --trusted-registry foobar.com [✔]
parse --trusted-registry foobar.com --trusted-registry barfoo.io [✔]
parse required labels
parse --require-label foo:email [✔]
parse --require-label foo:email --require-label bar:text [✔]
parse strict labels
parse --strict-labels [✔]
parse failure thresholds
parse -t warning [✔]
parse --failure-threshold style [✔]
fail parsing on garbage input
fail parsing --blafoo [✔]
fail parsing --require-label foo:bar [✔]
Hadolint.Config.Configfile
Config from Configfile
parse empty config file [✔]
parse `no-fail: true` [✔]
parse `no-fail: false` [✔]
parse `no-color: true` [✔]
parse `no-color: false` [✔]
parse `verbose: true` [✔]
parse `verbose: false` [✔]
parse `output-format: json` [✔]
parse `output-format: sarif` [✔]
parse override error rules [✔]
parse override warning rules [✔]
parse override info rules [✔]
parse override style rules [✔]
parse ignored rules [✔]
parse trusted registries [✔]
parse label schema [✔]
parse strict-labels: true [✔]
parse strict-labels: false [✔]
parse `failure-threshold: warning` [✔]
parse `failure-threshold: style` [✔]
Hadolint.Config.Configuration
Configuration
default configuration [✔]
override default configuration with empty config [✔]
override default with specific configuration: no-fail [✔]
override default with specific configuration: no-color [✔]
empty should not override: no-color [✔]
override default with specific configuration: verbose [✔]
override default with specific configuration: output-format json [✔]
Hadolint.Config.Environment
Config from Environment
Empty config when nothing is set [✔]
parse HADOLINT_NOFAIL=1 [✔]
parse HADOLINT_NOFAIL=0 [✔]
parse NO_COLOR=y [✔]
parse NO_COLOR=n [✔]
parse HADOLINT_VERBOSE=on [✔]
parse HADOLINT_VERBOSE=off [✔]
parse HADOLINT_FORMAT=json [✔]
parse HADOLINT_FORMAT=sarif [✔]
parse HADOLINT_OVERRIDE_ERROR=DL3010 [✔]
parse HADOLINT_OVERRIDE_ERROR=DL3010,DL3011 [✔]
parse HADOLINT_OVERRIDE_WARNING=DL3010 [✔]
parse HADOLINT_OVERRIDE_WARNING=DL3010,DL3011 [✔]
parse HADOLINT_OVERRIDE_INFO=DL3010 [✔]
parse HADOLINT_OVERRIDE_INFO=DL3010,DL3011 [✔]
parse HADOLINT_OVERRIDE_STYLE=DL3010 [✔]
parse HADOLINT_OVERRIDE_STYLE=DL3010,DL3011 [✔]
parse HADOLINT_IGNORE=DL3010 [✔]
parse HADOLINT_IGNORE=DL3010,DL3011 [✔]
parse HADOLINT_ALLOWED_REGISTRIES=foobar.com [✔]
parse HADOLINT_ALLOWED_REGISTIRES=foobar.com,barfoo.com [✔]
parse HADOLINT_REQUIRE_LABELS=foo:email [✔]
parse HADOLINT_REQUIRE_LABELS=foo:email,bar:text [✔]
parse HADOLINT_STRICT_LABELS=yes [✔]
parse HADOLINT_STRICT_LABELS=false [✔]
parse HADOLINT_FAILURE_THRESHOLD=error [✔]
parse HADOLINT_FAILURE_THRESHOLD=style [✔]
Hadolint.Formatter.ParseError
Parse Errors
display error after line pos [✔]
display just the error message [✔]
Hadolint.Formatter.Sarif
Formatter: Sarif
print empty results [✘]
Hadolint.Formatter.TTY
Formatter: TTY
print empty results [✔]
print some result: no colors [✔]
print some result: with colors [✔]
print multiple results: no colors [✔]
print multiple results: with colors [✔]
Hadolint.Pragma
Rules can be ignored with inline comments
ignores single rule [✔]
ignores only the given rule [✔]
ignores only the given rule, when multiple passed [✔]
ignores the rule only if directly above the instruction [✔]
won't ignore the rule if passed invalid rule names [✔]
ignores multiple rules correctly, even with some extra whitespace [✔]
Hadolint.Rule.DL3000
DL3000 - Use absolute WORKDIR.
workdir relative [✔]
workdir absolute [✔]
workdir variable [✔]
workdir relative single quotes [✔]
workdir absolute single quotes [✔]
workdir relative double quotes [✔]
workdir absolute double quotes [✔]
workdir variable double quotes [✔]
workdir absolute windows [✔]
workdir absolute windows quotes [✔]
workdir absolute windows alternative [✔]
workdir absolute windows quotes alternative [✔]
Hadolint.Rule.DL3001
DL3001 - invalid CMD rules
invalid cmd [✔]
install ssh [✔]
Hadolint.Rule.DL3002
DL3002 - Last user should not be root.
last user should not be root [✔]
no root [✔]
no root UID [✔]
no root:root [✔]
no UID:GID [✔]
can switch back to non root [✔]
warns on transitive root user [✔]
warns on multiple stages [✔]
does not warn when switching in multiple stages [✔]
Hadolint.Rule.DL3003
DL3003 - Use WORKDIR to switch to a directory.
ok using WORKDIR [✔]
not ok using cd [✔]
Hadolint.Rule.DL3004
DL3004 - Do not use sudo as it leads to unpredictable behavior. Use a tool like gosu to enforce root.
sudo [✔]
install sudo [✔]
sudo chained programs [✔]
Hadolint.Rule.DL3005
DL3005
apt-get dist-upgrade [✔]
Hadolint.Rule.DL3006
DL3006 - Always tag the version of an image explicitly.
no untagged [✔]
no untagged with name [✔]
untagged digest is not an error [✔]
untagged digest is not an error [✔]
local aliases are OK to be untagged [✔]
other untagged cases are not ok [✔]
scratch [✔]
Hadolint.Rule.DL3007
DL3007 - Using latest is prone to errors if the image will ever update. Pin the version explicitly to a release tag.
explicit latest [✔]
explicit latest with name [✔]
explicit tagged [✔]
explicit SHA [✔]
explicit tagged with name [✔]
Hadolint.Rule.DL3008
DL3008 - Pin versions in apt-get install.
apt-get version pinning [✔]
apt-get pinned chained [✔]
apt-get pinned regression [✔]
apt-get version [✔]
apt-get version [✔]
apt-get pinned [✔]
apt-get tolerate target-release [✔]
Hadolint.Rule.DL3009
DL3009 - Delete the apt-get lists after installing something.
apt-get no cleanup [✔]
apt-get cleanup in stage image [✔]
apt-get no cleanup in last stage [✔]
apt-get no cleanup in intermediate stage [✔]
no warn apt-get cleanup in intermediate stage that cleans lists [✔]
no warn apt-get cleanup in intermediate stage when stage not used later [✔]
apt-get cleanup [✔]
don't warn: BuildKit cache mount to apt lists directory [✔]
don't warn: BuildKit cache mount to apt directories 1 [✔]
don't warn: BuildKit cache mount to apt directories 2 [✔]
warn: BuildKit cache mount to apt cache directory only [✔]
warn: BuildKit cache mount to apt lists directory only [✔]
Hadolint.Rule.DL3010
DL3010 - Use `ADD` for extracting archives into an image
catch: copy archive then extract 1 [✔]
catch: copy archive then extract 2 [✔]
catch: copy archive then extract 3 [✔]
catch: copy archive then extract windows paths 1 [✔]
catch: copy archive then extract windows paths 2 [✔]
ignore: copy archive without extract [✔]
ignore: non archive [✔]
ignore: copy from previous stage [✔]
Hadolint.Rule.DL3011
EXPOSE rules
invalid port [✔]
valid port [✔]
Hadolint.Rule.DL3012
DL3012 - Multiple `HEALTHCHECK` instructions
ok with no HEALTHCHECK instruction [✔]
ok with one HEALTHCHECK instruction [✔]
ok with two HEALTHCHECK instructions in two stages [✔]
warn with two HEALTHCHECK instructions [✔]
Hadolint.Rule.DL3013
DL3013 - Pin versions in pip.
pip2 version not pinned [✔]
pip3 version not pinned [✔]
pip3 version pinned [✔]
pip3 install from local package [✔]
pip install requirements [✔]
pip install requirements with long flag [✔]
pip install use setup.py [✔]
pip version not pinned [✔]
pip version pinned [✔]
pip version pinned with ~= operator [✔]
pip version pinned with === operator [✔]
pip version pinned with flag --ignore-installed [✔]
pip version pinned with flag --build [✔]
pip version pinned with flag --prefix [✔]
pip version pinned with flag --root [✔]
pip version pinned with flag --target [✔]
pip version pinned with flag --trusted-host [✔]
pip version pinned with python -m [✔]
pip version not pinned with python -m [✔]
pip install git [✔]
pip install unversioned git [✔]
pip install upper bound [✔]
pip install lower bound [✔]
pip install excluded version [✔]
pip install user directory [✔]
pip install no pip version check [✔]
pip install --index-url [✔]
pip install index-url with -i flag [✔]
pip install --index-url with --extra-index-url [✔]
pip install no cache dir [✔]
pip install constraints file - long version argument [✔]
pip install constraints file - short version argument [✔]
pip install --index-url with --extra-index-url with basic auth [✔]
Hadolint.Rule.DL3014
DL3014 - Use the -y switch.
apt-get auto yes [✔]
apt-get yes shortflag [✔]
apt-get yes quiet level 2 implies -y [✔]
apt-get yes different pos [✔]
apt-get with auto yes [✔]
apt-get with auto expanded yes [✔]
apt-get with assume-yes [✔]
Hadolint.Rule.DL3015
DL3015 - Avoid additional packages by specifying `--no-install-recommends`.
apt-get install recommends [✔]
apt-get no install recommends [✔]
apt-get no install recommends [✔]
apt-get no install recommends via option [✔]
Hadolint.Rule.DL3016
DL3016 - Pin versions in npm.
version pinned in package.json [✔]
version pinned in package.json with arguments [✔]
version pinned [✔]
version pinned with scope [✔]
version pinned multiple packages [✔]
version pinned with --global [✔]
version pinned with -g [✔]
version does not have to be pinned for tarball suffix .tar [✔]
version does not have to be pinned for tarball suffix .tar.gz [✔]
version does not have to be pinned for tarball suffix .tgz [✔]
version does not have to be pinned for folder - absolute path [✔]
version does not have to be pinned for folder - relative path from current folder [✔]
version does not have to be pinned for folder - relative path to parent folder [✔]
version does not have to be pinned for folder - relative path from home [✔]
commit pinned for git+ssh [✔]
commit pinned for git+http [✔]
commit pinned for git+https [✔]
commit pinned for git [✔]
npm run install is fine [✔]
version pinned with scope [✔]
version not pinned [✔]
version not pinned with scope [✔]
version not pinned multiple packages [✔]
version not pinned with --global [✔]
commit not pinned for git+ssh [✔]
commit not pinned for git+http [✔]
commit not pinned for git+https [✔]
commit not pinned for git [✔]
don't fire on loglevel flag [✔]
Hadolint.Rule.DL3018
DL3018 - Pin versions in `apk add`.
apk add version pinning single [✔]
apk add no version pinning single [✔]
apk add version pinned chained [✔]
apk add version pinned regression [✔]
apk add version pinned regression - one missed [✔]
apk add virtual package [✔]
apk add with repository without equal sign [✔]
apk add with repository with equal sign [✔]
apk add with repository (-X) without equal sign [✔]
don't trigger when installing from .apk file [✔]
Hadolint.Rule.DL3019
DL3019 - Use the --no-cache switch.
apk add with --no-cache [✔]
apk add without --no-cache [✔]
don't warn: apk add with BuildKit cache mount [✔]
don't warn: apk add with BuildKit cache mount in wrong dir and --no-cache [✔]
warn: apk add with BuildKit cache mount to wrong dir [✔]
Hadolint.Rule.DL3020
DL3020 - Use `COPY` instead of `ADD` for files and folders.
add for tar [✔]
add for gzip [✔]
add for bz2 [✔]
add for xz [✔]
add for tgz [✔]
add for url [✔]
using add [✔]
warn for zip [✔]
add for tgz with quotes [✔]
add for url with quotes [✔]
warn for zip with quotes [✔]
Hadolint.Rule.DL3021
DL3021 - `COPY` with more than 2 arguments requires the last argument to end with `/`
no warn on 2 args [✔]
warn on 3 args [✔]
no warn on 3 args [✔]
Hadolint.Rule.DL3022
DL3022 - `COPY --from` should reference a previously defined `FROM` alias
warn on missing alias [✔]
warn on alias defined after [✔]
don't warn on correctly defined aliases [✔]
Hadolint.Rule.DL3023
DL3023 - `COPY --from` cannot reference its own `FROM` alias
warn on copying from your the same FROM [✔]
don't warn on copying from other sources [✔]
Hadolint.Rule.DL3024
DL3024 - Duplicate aliases
warn on duplicate aliases [✔]
don't warn on unique aliases [✔]
Hadolint.Rule.DL3025
DL3025 - Use arguments JSON notation for `CMD` and `ENTRYPOINT` arguments
warn on ENTRYPOINT [✔]
don't warn on ENTRYPOINT json notation [✔]
warn on CMD [✔]
don't warn on CMD json notation [✔]
Hadolint.Rule.DL3026
DL2036 - Use only an allowed registry in the FROM image
does not warn on empty allowed registries [✔]
warn on non-allowed registry [✔]
does not warn on allowed registries [✔]
doesn't warn on scratch image [✔]
allows boths all forms of docker.io [✔]
allows using previous stages [✔]
Hadolint.Rule.DL3027
DL3027 - Do not use `apt` as it is meant to be a end-user tool, use `apt-get` or `apt-cache` instead
apt [✔]
Hadolint.Rule.DL3028
DL3028 - Pin versions in gem install.
version pinning
i
unpinned [✔]
pinned [✔]
multi [✔]
install
unpinned [✔]
pinned [✔]
does not warn on -v [✔]
does not warn on --version without = [✔]
does not warn on --version with = [✔]
does not warn on extra flags [✔]
Hadolint.Rule.DL3029
DL3029 - Do not use --platform flag with FROM.
explicit platform flag [✔]
no platform flag [✔]
Hadolint.Rule.DL3030
DL3030 - Use the `-y` switch to avoid manual input `yum install -y <package>`
not ok when not using `-y` switch [✔]
ok when using `-y` switch [✔]
Hadolint.Rule.DL3032
DL3032 - `yum clean all` missing after yum command.
not ok with no clean all [✔]
ok with yum clean all [✔]
Hadolint.Rule.DL3033
DL3033 - Specify version with `yum install -y <package>-<version>`
not ok wihout yum version pinning [✔]
ok with yum version pinning [✔]
not ok wihout yum version pinning - modules [✔]
ok with yum version pinning - modules [✔]
Hadolint.Rule.DL3034
DL3034 - Non-interactive switch missing from zypper command: `zypper install -y`
not ok without non-interactive switch [✔]
ok with non-interactive switch present [✔]
Hadolint.Rule.DL3035
DL3035
not ok: zypper dist-upgrade [✔]
Hadolint.Rule.DL3036
DL3036 - `zypper clean` missing after zypper use.
not ok without zypper clean [✔]
ok with zypper clean [✔]
Hadolint.Rule.DL3037
DL3037 - Specify version with `zypper install -y <package>[=]<version>`.
not ok without zypper version pinning [✔]
ok with different variants of zypper version pinning [✔]
Hadolint.Rule.DL3038
DL3038 - Use the `-y` switch to avoid manual input `dnf install -y <package>`
not ok without dnf non-interactive flag [✔]
ok with dnf non-interactive flag [✔]
Hadolint.Rule.DL3040
DL3040 - `dnf clean all` missing after dnf command.
no ok without dnf clean all [✔]
ok with dnf clean all [✔]
Hadolint.Rule.DL3041
DL3041 - Specify version with `dnf install -y <package>-<version>`
not ok without dnf version pinning [✔]
ok with dnf version pinning [✔]
not ok without dnf version pinning - moudles [✔]
ok with dnf version pinning - modules [✔]
Hadolint.Rule.DL3042
DL3042 - Avoid cache directory with `pip install --no-cache-dir <package>`.
pip2 --no-cache-dir not used [✔]
pip3 --no-cache-dir not used [✔]
pip --no-cache-dir not used [✔]
pip2 --no-cache-dir used [✔]
pip3 --no-cache-dir used [✔]
pip --no-cache-dir used [✔]
don't match on pipx [✔]
don't match on pipenv [✔]
respect ENV PIP_NO_CACHE_DIR with truthy values [✔]
respect RUN PIP_NO_CACHE_DIR=... with truthy values [✔]
respect RUN export PIP_NO_CACHE_DIR=... with truthy values [✔]
respect ENV PIP_NO_CACHE_DIR with falsy values [✔]
respect RUN PIP_NO_CACHE_DIR=... with falsy values [✔]
respect RUN export PIP_NO_CACHE_DIR=... with falsy values [✔]
don't trigger if PIP_NO_CACHE_DIR is inherited [✔]
trigger if PIP_NO_CACHE_DIR is not inherited [✔]
Hadolint.Rule.DL3043
DL3043 - `ONBUILD`, `FROM` or `MAINTAINER` triggered from within `ONBUILD` instruction.
error when using `ONBUILD` within `ONBUILD` [✔]
error when using `FROM` within `ONBUILD` [✔]
error when using `MAINTAINER` within `ONBUILD` [✔]
ok with `ADD` [✔]
ok with `USER` [✔]
ok with `LABEL` [✔]
ok with `STOPSIGNAL` [✔]
ok with `COPY` [✔]
ok with `RUN` [✔]
ok with `CMD` [✔]
ok with `SHELL` [✔]
ok with `WORKDIR` [✔]
ok with `EXPOSE` [✔]
ok with `VOLUME` [✔]
ok with `ENTRYPOINT` [✔]
ok with `ENV` [✔]
ok with `ARG` [✔]
ok with `HEALTHCHECK` [✔]
ok with `FROM` outside of `ONBUILD` [✔]
ok with `MAINTAINER` outside of `ONBUILD` [✔]
Hadolint.Rule.DL3044
DL3044 - Do not refer to an environment variable within the same `ENV` statement where it is defined.
ok with normal ENV [✔]
ok with partial match 1 [✔]
ok with partial match 2 [✔]
ok with partial match 3 [✔]
ok with partial match 4 [✔]
fail with partial match 5 [✔]
ok with parial match 6 [✔]
ok when previously defined in `ARG` [✔]
ok when previously defined in `ENV` [✔]
ok with referencing a variable on its own right hand side [✔]
ok with referencing a variable on its own right side twice in different `ENV`s [✔]
fail when referencing a variable on its own right side twice within the same `ENV` [✔]
fail with selfreferencing with curly braces ENV [✔]
fail with selfreferencing without curly braces ENV [✔]
fail with full match 1 [✔]
fail with full match 2 [✔]
Hadolint.Rule.DL3045
DL3045 - `COPY` without `WORKDIR` set
ok: `COPY` with absolute destination and no `WORKDIR` set [✔]
ok: `COPY` with absolute destination and no `WORKDIR` set with quotes [✔]
ok: `COPY` with absolute destination and no `WORKDIR` set - windows [✔]
ok: `COPY` with absolute destination and no `WORKDIR` set - windows with quotes [✔]
ok: `COPY` with absolute destination and no `WORKDIR` set - windows with alternative paths [✔]
ok: `COPY` with relative destination and `WORKDIR` set [✔]
ok: `COPY` with relative destination and `WORKDIR` set - windows [✔]
ok: `COPY` with destination being an environment variable 1 [✔]
ok: `COPY` with destination being an environment variable 2 [✔]
ok: `COPY` with destination being an environment variable 3 [✔]
ok: `COPY` with destination being an environment variable 4 [✔]
not ok: `COPY` with relative destination and no `WORKDIR` set [✔]
not ok: `COPY` with relative destination and no `WORKDIR` set with quotes [✔]
not ok: `COPY` to relative destination if `WORKDIR` is set in a previous stage but not inherited [✔]
not ok: `COPY` to relative destination if `WORKDIR` is set in a previous stage but not inherited - windows [✔]
ok: `COPY` to relative destination if `WORKDIR` has been set in base image [✔]
ok: `COPY` to relative destination if `WORKDIR` has been set in base image - windows [✔]
ok: `COPY` to relative destination if `WORKDIR` has been set in previous stage, deep case [✔]
ok: `COPY` to relative destination if `WORKDIR` has been set in previous stage, deep case - windows [✔]
ok: `COPY` to relative destination if `WORKDIR` has been set, both within an `ONBUILD` context [✔]
regression: don't crash with single character paths [✔]
Hadolint.Rule.DL3046
DL3046 - `useradd` without flag `-l` and high UID will result in excessively large Image.
ok with `useradd` alone [✔]
ok with `useradd` short uid [✔]
ok with `useradd` long uid and flag `-l` [✔]
ok with `useradd` and just flag `-l` [✔]
warn when `useradd` and long uid without flag `-l` [✔]
Hadolint.Rule.DL3047
DL3047 - `wget` without flag `--progress` will result in excessively bloated build logs when downloading larger files.
warns when using wget without --progress option [✔]
does not warn when running with --progress option [✔]
does not warn when running with -q (quiet short option) and without --progress option [✔]
does not warn when running with --quiet (quiet long option) and without --progress option [✔]
does not warn when running with -nv (no-verbose short option) and without --progress option [✔]
does not warn when running with --no-verbose (no-verbose long option) and without --progress option [✔]
does not warn when running with --output-file (output-file long option) and without --progress option [✔]
does not warn when running with -o (output-file long option) and without --progress option [✔]
does not warn when running with --append-output (append-output long option) and without --progress option [✔]
does not warn when running with -a (append-output long option) and without --progress option [✔]
Hadolint.Rule.DL3048
DL3048 - Invalid Label Key Rule
not ok with reserved namespace [✔]
not ok with invalid character [✔]
not ok with invalid start and end characters [✔]
not ok with consecutive dividers [✔]
ok with valid labels [✔]
Hadolint.Rule.DL3049
DL3049 - Missing label rule spec
not ok: single stage, no label [✔]
not ok: single stage, wrong label [✔]
ok: single stage, label present [✔]
warn twice: two stages, no labels [✔]
warn twice: two stages, wrong labels only [✔]
warn once: two stages, label present in second only [✔]
warn once: two stages, no inheritance, wrong label in one [✔]
warn once: two stages, inheritance, label only defined in second stage [✔]
don't warn: two stages, inheritance [✔]
Hadolint.Rule.DL3050
DL3050 - Superfluous label(s) present.
ok with no label [✔]
ok with required label [✔]
not ok with just other label [✔]
not ok with other label and required label [✔]
Hadolint.Rule.DL3051
DL3051 - Label `<label>` is empty.
not ok with label empty [✔]
ok with label not empty [✔]
ok with other label empty [✔]
Hadolint.Rule.DL3052
DL3052 - Label `<label>` is not a valid URL.
not ok with label not containing URL [✔]
ok with label containing URL [✔]
ok with other label not containing URL [✔]
Hadolint.Rule.DL3053
DL3053 - Label `<label>` is not a valid time format - must be conform to RFC3339.
not ok with label not containing RFC3339 date [✔]
ok with label containing RFC3339 date [✔]
ok with other label not containing RFC3339 date [✔]
Hadolint.Rule.DL3054
DL3054 - Label `<label>` is not a valid SPDX license identifier.
not ok with label not containing SPDX identifier [✔]
ok with label containing SPDX identifier [✔]
ok with other label not containing SPDX identifier [✔]
Hadolint.Rule.DL3055
DL3055 - Label `<label>` is not a valid git hash.
not ok with label not containing git hash [✔]
ok with label containing short git hash [✔]
ok with label containing long git hash [✔]
ok with other label not containing git hash [✔]
Hadolint.Rule.DL3056
DL3056 - Label `<label>` does not conform to semantic versioning.
not ok with label not containing semantic version [✔]
ok with label containing semantic version [✔]
ok with other label not containing semantic version [✔]
Hadolint.Rule.DL3057
DL3057 - `HEALTHCHECK instruction missing
warn with no HEALTHCHECK instructions [✔]
ok with one HEALTHCHECK instruction [✔]
ok with inheriting HEALTHCHECK instruction [✔]
warn when not inheriting with no HEALTHCHECK instruction [✔]
Hadolint.Rule.DL3058
DL3058 - Label `<label>` is not a valid email format - must be conform to RFC5322.
not ok with label not containing valid email [✔]
ok with label containing valid email [✔]
ok with other label not containing valid email [✔]
Hadolint.Rule.DL3059
DL3059 - Multiple consecutive `RUN` instructions
ok with no `RUN` at all [✔]
ok with one `RUN` [✔]
ok with two not consecutive `RUN` [✔]
not ok with two consecutive `RUN`s [✔]
not ok with two `RUN`s separated by a comment [✔]
not ok with two `RUN`s separated by two comment [✔]
ok with one `RUN` after a comment [✔]
ok with two consecutive `RUN`s when flags are different 1 [✔]
ok with two consecutive `RUN`s when flags are different 2 [✔]
not ok with two consecutive `RUN`s when flags are equal [✔]
ok with two consecutive `RUN`s when commands are chained 1 [✔]
ok with two consecutive `RUN`s when commands are chained 2 [✔]
ok with two consecutive `RUN`s when commands are chained 3 [✔]
ok with two consecutive `RUN`s when commands are chained 4 [✔]
ok with two consecutive `RUN`s when commands are chained 5 [✔]
not ok when more than one `RUN` has just one command in a row [✔]
Hadolint.Rule.DL3060
DL3060 - `yarn cache clean` missing after `yarn install`
ok with non-yarn commands [✔]
not ok with no cache clean [✔]
ok with cache clean [✔]
not ok when yarn install is in last stage w/o yarn clean [✔]
not ok when inheriting from stage with yarn install w/o yarn clean [✔]
ok when inheriting from stage with yarn cache clear [✔]
ok when omitting yarn cache clean in stage that is not reused later [✔]
Hadolint.Rule.DL4000
DL4000 - MAINTAINER is deprecated.
has deprecated maintainer [✔]
has maintainer [✔]
has maintainer first [✔]
has no maintainer [✔]
Hadolint.Rule.DL4001
DL4001 - Either use Wget or Curl but not both.
warns when using both wget and curl [✔]
warns when using both wget and curl in same instruction [✔]
does not warn when using only wget [✔]
does not warn when using both curl and wget in different stages [✔]
does not warns when using both, on a single stage [✔]
only warns on the relevant RUN instruction [✔]
only warns on many relevant RUN instructions [✔]
Hadolint.Rule.DL4003
DL4003
many cmds [✔]
single cmds, different stages [✔]
many cmds, different stages [✔]
single cmd [✔]
Hadolint.Rule.DL4004
DL4004
no cmd [✔]
many entrypoints [✔]
single entrypoint, different stages [✔]
many entrypoints, different stages [✔]
single entry [✔]
no entry [✔]
Hadolint.Rule.DL4005
DL4005 - Use `SHELL` to change the default shell.
RUN ln [✔]
RUN ln with unrelated symlinks [✔]
RUN ln with multiple acceptable commands [✔]
Hadolint.Rule.DL4006
DL4006 - Set the `SHELL` option `-o pipefail` before RUN with a pipe in it
warn on missing pipefail [✔]
don't warn on commands with no pipes [✔]
don't warn on commands with pipes and the pipefail option [✔]
don't warn on commands with pipes and the pipefail option 2 [✔]
don't warn on commands with pipes and the pipefail option 3 [✔]
don't warn on commands with pipes and the pipefail zsh [✔]
don't warn on powershell [✔]
warns when using plain sh [✔]
warn on missing pipefail in the next image [✔]
warn on missing pipefail if next SHELL is not using it [✔]
ignore non posix shells: pwsh [✔]
ignore non posix shells: powershell [✔]
ignore non posix shells: cmd.exe [✔]
Hadolint.Rule.Shellcheck
Shellcheck
runs shellchek on RUN instructions [✔]
not warns on valid scripts [✔]
Does not complain on default env vars [✔]
Complain on missing env vars [✔]
Is aware of ARGS and ENV [✔]
Resets env vars after a FROM [✔]
Defaults the shell to sh [✔]
Can change the shell check to bash [✔]
Resets the SHELL to sh after a FROM [✔]
Does not complain on ash shell [✔]
Does not complain on non-posix shells: pwsh [✔]
Does not complain on non-posix shells: cmd.exe [✔]
Does not complain on non-posix shells, powershell - absolute path [✔]
Respects shell pragma [✔]
Respects global shell pragma [✔]
Hadolint.Shell
Shell unit tests
getFlagArgs [✔]
hasFlag [✔]
dropFlagArg [✔]
Regression
Regression Tests
Comments with backslashes at the end are just comments [✔]
`ARG` can correctly unset variables [✔]
Failures:
test/Hadolint/Formatter/SarifSpec.hs:32:7:
1) Hadolint.Formatter.Sarif, Formatter: Sarif, print empty results
expected: "{\"runs\":[{\"defaultSourceLanguage\":\"dockerfile\",\"results\":[],\"tool\":{\"driver\":{\"fullName\":\"Haskell Dockerfile Linter\",\"downloadUri\":\"https://github.com/hadolint/hadolint\",\"shortDescription\":{\"text\":\"Dockerfile linter, validate inline bash, written in Haskell\"},\"name\":\"Hadolint\",\"version\":\"UNKNOWN\"}}}],\"version\":\"2.1.0\",\"$schema\":\"http://json.schemastore.org/sarif-2.1.0\"}"
but got: "{\"runs\":[{\"results\":[],\"tool\":{\"driver\":{\"fullName\":\"Haskell Dockerfile Linter\",\"shortDescription\":{\"text\":\"Dockerfile linter, validate inline bash, written in Haskell\"},\"name\":\"Hadolint\",\"version\":\"UNKNOWN\",\"downloadUri\":\"https://github.com/hadolint/hadolint\"}},\"defaultSourceLanguage\":\"dockerfile\"}],\"version\":\"2.1.0\",\"$schema\":\"http://json.schemastore.org/sarif-2.1.0\"}"
To rerun use: --match "/Hadolint.Formatter.Sarif/Formatter: Sarif/print empty results/"
Randomized with seed 159882436
Finished in 2.5925 seconds
541 examples, 1 failure
Test suite hadolint-unit-tests: FAIL